Unveiling the Power of Zscaler Risk360™: A UX Perspective Shriyash Shete

In the dynamic realm of cybersecurity, we are rapidly developing the recently launched Zscaler Risk360 platform and adding many new AI-powered innovations. As the UX lead for this product, I’m thrilled to offer an in-depth look at its unique features and user-centric design.

Overview:

Zscaler Risk360 empowers organizations to manage and mitigate cybersecurity risks more effectively. Built as a comprehensive framework, it ingests real data from an organization’s Zscaler environment. Its standout features include clear scoring, intuitive visualizations, risk mapped to stages of attack and security frameworks, sophisticated financial exposure models and streamlined board reporting. These features collectively offer detailed, actionable insights for immediate risk mitigation. By enhancing visibility into cyber risk blind spots, Risk360 enables security teams to focus their efforts more efficiently, addressing the most critical cyber risks.

This platform leverages Zscaler’s proprietary architecture and vast data resources, tapping into the Zscaler Zero Trust Exchange, which processes over 370 billion transactions and 500 trillion signals daily. This immense data pool trains some of the world’s most advanced AI/ML security engines.

Understanding the critical role of Risk360:

In today’s digital landscape, quantifying cyber risk is a complex–yet vital–task for enterprises. Traditional methods involve manual data compilation from various security tools, a process that’s often resource-intensive and fails to provide clear risk assessments or highlight true risk drivers. Risk360 addresses these challenges with a comprehensive and actionable framework, streamlining cyber risk management and reporting. Unlike outside-in scorecard vendors, Risk360’s in-depth analysis is powered by Zscaler’s inline position, examining millions of signals, including internal traffic flows.

Key features of Risk360:

Dashboard:

Risk360 introduces an innovative cyber risk scoring system, providing a company-wide score on a 0 to 100 scale. This composite score is detailed further into four key stages of an attack, each with its own score:

1) External attack surface

2) Compromise

3) Lateral propagation

4) Data loss

This scoring ability is a Zscaler exclusive, using first-party data to measure risk across all attack stages. The dashboard also tracks risk score trends and offers industry peer comparisons. The risk model, based on more than 100 individual risk factors, is a product of years of ThreatLabz research, saving companies the substantial cost of developing such a model independently.

Factors:

Each risk factor is presented with a score, severity color, model weight, and suggested mitigation actions. Users can override factors based on their security posture. Detailed insights help users understand risk factor specifics, facilitating investigation and mitigation processes. Investigative details could be data about a server exposed to the internet that represents an external attack surface or it could be a cloud app, user, or location involved in data being uploaded to unsanctioned applications which could amount to data exfiltration. Zscaler’s new integration with CrowdStrike enhances Risk360’s ability to identify potential compromise risks by incorporating threat intelligence data, thus broadening the scope of risk signal detection. Also, with the inclusion of User and Entity Behavior Analytics (UEBA), Risk360 now excels in detecting insider threats and compromised accounts, analyzing user behavior, and identifying anomalies.

Insights:

Risk360 streamlines risk management with its three-step investigative workflow: Insights→ Explore→Investigate.

Utilizing over 100 risk factors and configuration data, it generates high-impact insight cards. Each card encapsulates a problem, a recommended action, and trend charts, guiding security teams on targeted remediation paths. The ‘Explore’ dashboard provides contextual data and metrics for deeper analysis, while the ‘Investigate’ option leads to a detailed list of assets for focused risk remediation.

Financial Risk:

Risk360 includes financial risk information, using real breach financial data mapped to risk scores and industry verticals. This allows for prioritization of mitigation efforts based on monetary value and helps track the financial impact of cyber risks over time. The platform now offers advanced financial modeling with Monte Carlo simulations, providing more accurate financial loss estimates and helping organizations prioritize mitigation through a financial perspective.

Frameworks:

Risk360 aligns with key security risk frameworks like MITRE ATT&CK and NIST CSF, aiding organizations in mapping their cybersecurity controls and risk posture against recognized standards, thereby facilitating risk reduction and compliance.

Reports:

Risk360 streamlines reporting with board-ready slides generated in a single click. The slides cover current and historical cyber risk, top risk factors, and financial exposure. Enhanced reporting capabilities include SEC disclosure samples, aiding compliance with new SEC cybersecurity regulations. Powered by Zscaler’s Generative AI, including custom-developed Large Language Models (LLMs), the Cybersecurity Maturity Assessment report provides an advanced understanding of a company’s progress in its zero trust journey.

Benefits of Risk360:

Risk360 functions seamlessly with an organization’s current Zscaler deployment, requiring no additional deployment or API work. It analyzes ZIA and ZPA traffic, configuration data, and attack surface insights within our factor-driven framework, with the outputs reflected in the Risk360 dashboard.

Organizations leveraging Risk360 gain a proactive security posture, enabling rapid cyber risk mitigation. The insights and reporting tools facilitate effective board discussions on cyber risk. For the first time, they can map cyber risk to financial exposure, a previously challenging endeavor. Thus, Risk360 aids in relieving the pressure on security teams, enhances board reporting, streamlines compliance with cyber risk regulations, and effectively mitigates cyber risk.

Next steps

As a product team committed to continuous improvement based on the user-centric design approach, we value your feedback to enrich and evolve Risk360 into a more empowering, engaging, and delightful experience. Your insights are crucial in shaping the journey of this rapidly growing product at Zscaler. To learn more or to share feedback, contact your Zscaler Team.  

​

 [[{“value”:”In the dynamic realm of cybersecurity, we are rapidly developing the recently launched Zscaler Risk360 platform and adding many new AI-powered innovations. As the UX lead for this product, I’m thrilled to offer an in-depth look at its unique features and user-centric design.

Overview:

Zscaler Risk360 empowers organizations to manage and mitigate cybersecurity risks more effectively. Built as a comprehensive framework, it ingests real data from an organization’s Zscaler environment. Its standout features include clear scoring, intuitive visualizations, risk mapped to stages of attack and security frameworks, sophisticated financial exposure models and streamlined board reporting. These features collectively offer detailed, actionable insights for immediate risk mitigation. By enhancing visibility into cyber risk blind spots, Risk360 enables security teams to focus their efforts more efficiently, addressing the most critical cyber risks.

This platform leverages Zscaler’s proprietary architecture and vast data resources, tapping into the Zscaler Zero Trust Exchange, which processes over 370 billion transactions and 500 trillion signals daily. This immense data pool trains some of the world’s most advanced AI/ML security engines.

Understanding the critical role of Risk360:

In today’s digital landscape, quantifying cyber risk is a complex–yet vital–task for enterprises. Traditional methods involve manual data compilation from various security tools, a process that’s often resource-intensive and fails to provide clear risk assessments or highlight true risk drivers. Risk360 addresses these challenges with a comprehensive and actionable framework, streamlining cyber risk management and reporting. Unlike outside-in scorecard vendors, Risk360’s in-depth analysis is powered by Zscaler’s inline position, examining millions of signals, including internal traffic flows.

Key features of Risk360:

Dashboard:

Risk360 introduces an innovative cyber risk scoring system, providing a company-wide score on a 0 to 100 scale. This composite score is detailed further into four key stages of an attack, each with its own score:

1) External attack surface

2) Compromise

3) Lateral propagation

4) Data loss

This scoring ability is a Zscaler exclusive, using first-party data to measure risk across all attack stages. The dashboard also tracks risk score trends and offers industry peer comparisons. The risk model, based on more than 100 individual risk factors, is a product of years of ThreatLabz research, saving companies the substantial cost of developing such a model independently.

Factors:

Each risk factor is presented with a score, severity color, model weight, and suggested mitigation actions. Users can override factors based on their security posture. Detailed insights help users understand risk factor specifics, facilitating investigation and mitigation processes. Investigative details could be data about a server exposed to the internet that represents an external attack surface or it could be a cloud app, user, or location involved in data being uploaded to unsanctioned applications which could amount to data exfiltration. Zscaler’s new integration with CrowdStrike enhances Risk360’s ability to identify potential compromise risks by incorporating threat intelligence data, thus broadening the scope of risk signal detection. Also, with the inclusion of User and Entity Behavior Analytics (UEBA), Risk360 now excels in detecting insider threats and compromised accounts, analyzing user behavior, and identifying anomalies.

Insights:

Risk360 streamlines risk management with its three-step investigative workflow: Insights→ Explore→Investigate.

Utilizing over 100 risk factors and configuration data, it generates high-impact insight cards. Each card encapsulates a problem, a recommended action, and trend charts, guiding security teams on targeted remediation paths. The ‘Explore’ dashboard provides contextual data and metrics for deeper analysis, while the ‘Investigate’ option leads to a detailed list of assets for focused risk remediation.

Financial Risk:

Risk360 includes financial risk information, using real breach financial data mapped to risk scores and industry verticals. This allows for prioritization of mitigation efforts based on monetary value and helps track the financial impact of cyber risks over time. The platform now offers advanced financial modeling with Monte Carlo simulations, providing more accurate financial loss estimates and helping organizations prioritize mitigation through a financial perspective.

Frameworks:

Risk360 aligns with key security risk frameworks like MITRE ATT&CK and NIST CSF, aiding organizations in mapping their cybersecurity controls and risk posture against recognized standards, thereby facilitating risk reduction and compliance.

Reports:

Risk360 streamlines reporting with board-ready slides generated in a single click. The slides cover current and historical cyber risk, top risk factors, and financial exposure. Enhanced reporting capabilities include SEC disclosure samples, aiding compliance with new SEC cybersecurity regulations. Powered by Zscaler’s Generative AI, including custom-developed Large Language Models (LLMs), the Cybersecurity Maturity Assessment report provides an advanced understanding of a company’s progress in its zero trust journey.

Benefits of Risk360:

Risk360 functions seamlessly with an organization’s current Zscaler deployment, requiring no additional deployment or API work. It analyzes ZIA and ZPA traffic, configuration data, and attack surface insights within our factor-driven framework, with the outputs reflected in the Risk360 dashboard.

Organizations leveraging Risk360 gain a proactive security posture, enabling rapid cyber risk mitigation. The insights and reporting tools facilitate effective board discussions on cyber risk. For the first time, they can map cyber risk to financial exposure, a previously challenging endeavor. Thus, Risk360 aids in relieving the pressure on security teams, enhances board reporting, streamlines compliance with cyber risk regulations, and effectively mitigates cyber risk.

Next steps

As a product team committed to continuous improvement based on the user-centric design approach, we value your feedback to enrich and evolve Risk360 into a more empowering, engaging, and delightful experience. Your insights are crucial in shaping the journey of this rapidly growing product at Zscaler. To learn more or to share feedback, contact your Zscaler Team.”}]]